GlassFish - World's first Java EE 7 Application Server


Contents Previous

WSS Messages

----WSS0126
Unsupported algorithm type. Only RSA supported.

Solution:

Check that the signature algorithm is RSA.

----WSS0129
Malformed message ds:Signature element missing from the wsse:Security header block.

Solution:

Check proper signature was generated while signing.

----WSS0134
Unable to Initialize XMLCipher with the given Key.

Solution:

Check that the XMLCipher was initialized properly.

----WSS0137
An appropriate JCE provider is not configured in the JRE.

Solution:

Look at root exception for more clues.

----WSS0144
Base64Decoding exception is the root cause.

Solution:

Check that the data is valid base64 encoded.

----WSS0147
TransformationConfiguration exception while trying to use stylesheet to pretty print.

Solution:

Make sure style sheet is valid.

----WSS0148
Exception while trying to pretty print using transform.

Solution:

Make sure the original SOAP Message and style sheet are both correct.

----WSS0156
Error in certificate used for validation.

Solution:

Check that the token contains a valid Certificate.

----WSS0165
XPath does not correspond to a DOM element.

Solution:

Check that the node represented by the XPath is a valid DOM
element.

----WSS0167
Invalid signature; verification failed.

Solution:

Make sure the signature was not tampered with in transit.

----WSS0168
Unable to generate a random symmetric key.

Solution:

Verify that the KeyGenerator has been properly initialized.

----WSS0169
Value of FilterParameterConstants.BINARY_SEC_TOKEN is not set.

Solution:

Check that direct referencestrategy is set before exporting the certificate.

----WSS0181
Subject not authorized; validation failed.

Solution:

Check that the user is authorized.

----WSS0182
FilterParameterConstants.REFERENCE_LIST parameter has a null value.

Solution:

The reference list that needs to be decrypted usually set by ImportEncryptedKeyFilter.

----WSS0183
Could not locate a valid symmetric key needed for decryption.

Solution:

Value of symmetric key seems to be null. Check its value.

----WSS0184
Could not retrieve security domain from the Securable SOAP message.

Solution:

Make sure the SecurityEnvironment factory has set the right security environment.

----WSS0185
Could not find the certificate associated with the direct reference strategy.

Solution:

Check that the URI is valid and subjectkeyidentifier parameter is set in
configuration.

----WSS0189
Data decryption algorithm has to be either Triple-DES, AES128-CBC, AES256-CBC.

Solution:

Check that the encryption algorithm used is either 3DES, AES128_CBC, AES256_CBC.

----WSS0190
The number of elements encrypted is less than required/allowed.

Solution:

Check that the data references for encryption (in message) match the requirements.

----WSS0191
A SymmetricKey was not generated earlier that is set on the calling thread.

KeyName specified could not locate a key in the security environment.

Solution:

Check that ExportEncryptedKeyFilter is called before. Check that a valid KeyStore URL is used to instantiate the SecurityEnvironment and it contains a matching SecretKey.

----WSS0192
At least one target needs to be specified for encryption.

Solution:

Check that a non-null target list is used to instantiate the filter.

----WSS0193
Target specified does not correspond to a valid message part.

Solution:

Check that a valid XPath/QName/wsuId are specified.

----WSS0194
SOAP-ENV:Header can not fully be encrypted.

SOAP-ENV:Body can not fully be encrypted.

Solution:

Check that a valid XPath/QName/wsuId are specified complying to the spec.

----WSS0195
ReferenceListBlock not set on the calling thread.

Solution:

Check that ExportEncryptedKeyFilter is called before. Check that ExportReferenceListFilter is called before.

----WSS0196
An instance of SecurityEnvironment class for the operating environment was not set on SecurableSoapMessage.

Solution:

Check that SetSecurityEnvironmentFilter processed the message before.

----WSS0198
Only RSA_SHA1 Signature algorithm is supported.

Solution:

Check that RSA_SHA1 signature algorithm is specified.

----WSS0199
Timestamp creation time can not be null.

Solution:

Check that non-null creation time is used to instantiate the filter.

----WSS0203
Header block corresponding to the desired requirement not found.

Solution:

Check that the message meets the security requirements.

----WSS0204
Illegal security header block found in the security header.

Solution:

Check that the message is SOAP Security specification compliant.

----WSS0205
Requirement for wsu:Timestamp has not been met.

Solution:

Check that the message meets the security requirements.

----WSS0206
Not all receiver requirements for security have been met.

Solution:

Check that the message meets the security requirements.

----WSS0208
Extra security than required by the receiver side policy found in the
message.

Solution:

Check that the message strictly meets the security requirements.

----WSS0209
The message filter is incorrectly configured to process an inbound message.

Solution:

Check that the filters are correctly configured to process inbound messages.

----WSS0210
Only RSAv1.5 Key Encryption Algorithm is supported.

Solution:

Check that the Key Encryption Algorithm used in the inbound message is RSAv1.5.

----WSS0212
Receiver requirement for digested password in UsernameToken not met.

Solution:

Check that the message meets the security requirements.

----WSS0213
Receiver requirement for nonce in UsernameToken not met.

Solution:

Check that the message meets the security requirements.

----WSS0215
handle() call for a PropertyCallback on the handler threw exception.

Solution:

Check the handler implementation.

----WSS0216
handle() call on the handler threw exception.

Solution:

Check the handler implementation.

----WSS0217
handle() call on the handler threw exception.

Solution:

Check the handler implementation.

----WSS0218
handle() call on the handler failed to set the Callback.

Solution:

Check the handler implementation for SignatureKeyCallback.DefaultPrivKeyCertRequest.

----WSS0219
handle() call on the handler failed to set the Callback.

Solution:

Check the handler implementation for SignatureKeyCallback.DefaultPrivKeyCertRequest.

----WSS0220
handle() call on the handler failed to set the Callback.

Solution:

Check the handler implementation for DecryptionKeyCallback.AliasSymmetricKeyRequest.

----WSS0221
handle() call on the handler failed to set the Callback.

Solution:

Check the handler implementation for SignatureKeyCallback and/or EncryptionKeyCallback, check keystores and truststores.

----WSS0222
handle() call on the handler failed to set the Callback.

Solution:

Check keystore path and ensure that the right keys are present.

----WSS0301
Data malformed. Base 64 decoding error.

Solution:

Verify that data is base64 encoded.

----WSS0302
Certificate parsing problem.

Solution:

Data stream used to create the x509 certificate maybe corrupted.

----WSS0303
Certificate encoding exception.

Solution:

Check that the x509 data is valid. Could not extract raw bytes from
it.

----WSS0306
Invalid password type.

Solution:

Password type must match that specified by the WSS specification.

----WSS0307
Nonce encoding namespace check failed.

Solution:

Nonce encoding type namespace seems invalid.

----WSS0310
NoSuchAlgorithmException: Invalid algorithm.

Solution:

Check that the algorithm passed to SecureRandom is valid.

----WSS0311
Password digest could not be created.

Solution:

Check that the algorithm passed to MessageDigest is valid.

----WSS0316
BinarySecurity token's Encoding type is invalid.

Solution:

Check that encoding value for BinarySecurity token is valid as per spec.

----WSS0317
Could not find X.509 certificate.

Solution:

Ensure certificate path is not empty and certificate type is correct.

----WSS0318
Error while parsing and creating the KeyInfo instance.

Solution:

Check values passed to KeyInfo constructor.

----WSS0319
Could not add key name to KeyInfo Header block.

Solution:

Check KeyInfo and KeyName have been instantiated without exceptions.

----WSS0320
Could not get KeyName from KeyInfo.

Solution:

Make sure the KeyName exists in the KeyInfo.

----WSS0321
Could not retrieve element from KeyInfo or could not import the node.

Solution:

Check the element to be converted to SOAPElement.

----WSS0322
Exception while parsing and creating the Signature element.

Solution:

Check that a fully initialized XML Signature was passed.

----WSS0323
Exception while trying to sign.

Solution:

Check the key used to sign.

----WSS0324
Exception while adding a Reference with URI, transforms and Digest algorithm URI to
SignedInfo.

Solution:

Verify the following:

  • Check getSignatureValue failure cause from underlying XML DSIG implementation.
  • Check that the message signed using corresponding private key, and has not been tampered with.
  • Check values passed to constructor of XMLSignature.addDocument passed to XML DSig implementation are correct.

----WSS0327
Could not retrieve element from Signature or could not import the node.

Solution:

Check the element to be converted to SOAPElement.

----WSS0328
Error parsing date.

Solution:

Check date format is in UTC. Check it is yyyy-MM-dd'T'HH:mm:ss'Z' or yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'.

----WSS0329
Expecting UsernameToken Element.

Solution:

Check that the next element is UsernameToken.

----WSS0330
Username not first child of UsernameToken.

Solution:

Make sure first child of wsse:UsernameToken is Username in wsse namespace.

----WSS0331
Element may not be a proper UsernameToken.

Solution:

Check that the UsernameToken matches the token schema.

----WSS0332
Username was null.

Solution:

Check UsernameToken contains a valid Username.

----WSS0333
Keystore URL is null.

Solution:

Check that the property javax.net.ssl.keyStore is set properly.

----WSS0334
KeyIdentifier holds invalid ValueType.

Solution:

Check KeyIdentifier ValueType's value.

----WSS0335
KeyReference type not supported.

Solution:

KeyReference type should be one of KeyIdentifier, Reference, X509Data.

----WSS0336
Can't locate public key.

Solution:

Check public key retrieved should not be null.

----WSS0337
Could not resolve URI.

Solution:

Check DirectReference's ValueType, it is not supported.

----WSS0338
Key Reference Mechanism not supported.

Solution:

Check reference is one of X509IssuerSerial, DirectReference, KeyIdentifier.

----WSS0339
Support for processing information in the given ds:KeyInfo is not present.

Solution:

Check ds:KeyInfo matches schema.

----WSS0340
Creation time cannot be ahead of current UTC time.

Solution:

Check system time and ensure it is correct.

----WSS0341
Creation time is very old.

Solution:

Check system time and ensure it is correct.

----WSS0342
BinarySecurity Token's Value type is invalid.

Solution:

Check that valueType for BinarySecurity token is valid as per spec.

----WSS0343
Error in creating the BST due to 0.

Solution:

Check that all required values are set on the Binary Security Token, including
TextNode value.

----WSS0344
The binary data in the Security Token can not be decoded, expected
Base64 encoding.

Solution:

Check to see that the encoding format of the Binary Security Token is
Base64Binary.

----WSS0345
Error creating SOAPElement for EncryptedDataHeaderBlock.

Solution:

If SOAPElement is used to create EncryptedData HeaderBlock, check to see that
it is valid as per spec.

----WSS0346
Invalid SOAPElement passed to EncryptedDataHeaderBlock constructor.

Solution:

Check that the SOAPElement passed to EncryptedDataHeaderBlock is valid as per spec.

----WSS0347
SOAPElement used to initialize EncryptedType may not have CipherData element.

CipherData may not have been set on the EncryptedType.

Solution:

Check to see SOAPElement used to initialize EncryptedType has CipherData. Check to see setCipherData()
is called on the EncryptedType.

----WSS0348
Error creating SOAPElement for EncryptedKeyHeaderBlock.

Solution:

If SOAPElement is used to create EncryptedKeyHeaderBlock, check to see that it
is valid as per spec.

----WSS0349
Invalid SOAPElement passed to EncryptedKeyHeaderBlock().

Solution:

Check that the SOAPElement passed to EncryptedKeyHeaderBlock() is valid as per spec.

----WSS0350
Error creating/updating CipherData SOAPElement (in EncryptedKeyHeaderBlock).

Solution:

Refer your SAAJ API Documentation.

----WSS0351
Error creating EncryptionMethod SOAPElement.

Solution:

Refer your SAAJ API Documentation.

----WSS0352
Error creating javax.xml.soap.Name for CipherValue.

Solution:

Refer your SAAJ API Documentation.

----WSS0353
No CipherValue element(s) are present in CipherData.

Solution:

Check to see if setCipherValue() is called on EncryptedType.

----WSS0354
An error may have occurred creating javax.xml.soap.Name for EncryptionMethod.

Cause:

An error may have occurred creating javax.xml.soap.Name for KeyInfo. An error may
have occurred creating javax.xml.soap.Name for CipherData. An error may have occurred creating javax.xml.soap.Name
for EncryptionProperties.

Solution:

Refer your SAAJ API Documentation.

----WSS0355
Error creating com.sun.org.apache.xml.security.keys.content.keyvalues.DSAKeyValue.

Error creating com.sun.org.apache.xml.security.keys.content.keyvalues.RSAKeyValue. Error creating com.sun.org.apache.xml.security.keys.content.KeyValue.

Solution:

Check that a non-null SOAPElement is passed to addXXXKeyValue().

----WSS0356
Error creating com.sun.org.apache.xml.security.keys.content.X509Data.

Solution:

Check that a non-null SOAPElement is passed to addX509Data().

----WSS0357
Error getting KeyValue from KeyInfo for the given index.

Solution:

Check that the ds:KeyInfo element has ds:KeyValue elements. Check that the index (beginning
with 0) used to refer the ds:KeyValue element is valid.

----WSS0358
Error getting X509Data from KeyInfo for the given index.

Solution:

Check that the ds:KeyInfo element has ds:X509Data elements. Check that the index (beginning
with 0) used to refer the ds:X509Data element is valid.

----WSS0359
Error adding com.sun.org.apache.xml.security.keys.content.X509Data to KeyInfo.

Solution:

Check that a valid com.sun.org.apache.xml.security.keys.content.X509Data (as per specs.) is passed to addX509Data().

----WSS0360
An error may have occurred creating javax.xml.soap.Name for ReferenceList.

Solution:

Refer your SAAJ API Documentation.

----WSS0361
An error may have occurred creating org.w3c.dom.Element for ReferenceList.

Cause:

The org.w3c.dom.Document object passed ReferenceListHeaderBlock() may be null.

Solution:

Check that the Namespace specified does not contain any illegal characters as per
XML 1.0 specification. Check that the QName specified is not malformed (Refer
to the J2SE Documentation for more information). Check that a non-Null Document is
passed to the ReferenceListHeaderBlock().

----WSS0362
Invalid SOAPElement passed to ReferenceListHeaderBlock().

Solution:

Check that the SOAPElement passed to ReferenceListHeaderBlock() is valid as per spec.

----WSS0363
Error creating javax.xml.soap.SOAPElement for xenc:DataReference.

Cause:

Error adding xenc:DataReference (SOAPElement) as child element of xenc:DataReference (SOAPElement). Error setting
URI attribute on javax.xml.soap.SOAPElement for xenc:DataReference.

Solution:

Refer your SAAJ API Documentation.

----WSS0365
Error creating javax.xml.soap.SOAPElement for namespace node.

Solution:

Refer your SAAJ API Documentation.

----WSS0368
Error getting SOAPEnvelope from SOAPPart.

Solution:

Refer your SAAJ API Documentation.

----WSS0369
Error getting SOAPHeader from SOAPEnvelope.

Cause:

Error creating SOAPHeader.

Solution:

Refer to your SAAJ API Documentation.

----WSS0371
Error in getting the SOAPBody from the SOAPMessage.

Error in creating javax.xml.soap.Name for setting the fault on SOAPBody. Error in adding
fault to SOAPBody.

Solution:

Refer your SAAJ API Documentation.

----WSS0376
Error importing the SOAPElement representing the header block to the document corresponding to
the SOAPMessage to which the header is being added.

Solution:

Check that the SecurityHeaderBlock can be transformed to a valid SOAPElement. Refer to
the J2SE Documentation for more.

----WSS0377
Error creating javax.xml.soap.SOAPElement for SecurityTokenReference.

Solution:

Refer your SAAJ API Documentation.

----WSS0378
Error creating javax.xml.soap.SOAPElement for SecurityTokenReference.

Solution:

Check that the org.w3c.dom.Document object passed to SecurityTokenReference() is non-null. Refer your SAAJ API
Documentation.

----WSS0379
SOAPElement passed to SecurityTokenReference() is not a valid SecurityTokenReference element as per spec.

Solution:

Check that a valid SOAPElement as per spec. is passed to SecurityTokenReference().

----WSS0380
The ds:Reference would already have been set using the constructors.

Solution:

Check that a SOAPElement with ds:Reference (child element) is not used to
instantiate SecurityTokenReference.

----WSS0381
Error in setting the passed ReferenceElement on SecurityTokenReference.

Solution:

Refer your SAAJ API Documentation.

----WSS0382
Error appending ds:Object element to ds:Signature.

Solution:

Check that a valid ds:Object SOAPElement (as per spec.) is passed to
appendObject(). Check that a non-null SOAPElement is passed to appendObject().

----WSS0383
Owner document of ds:Signature SOAPElement is null.

Solution:

Check that the Document used to instantiate SignatureHeaderBlock() is not null.

----WSS0384
Error creating javax.xml.soap.Name for Timestamp.

Solution:

Refer your SAAJ API Documentation.

----WSS0385
The SOAPElement used to instantiate Timestamp() is not valid (as per specification).

Solution:

Check that the Localname and NamespaceURI of the SOAPElement used to create
Timestamp() are correct as per spec.

----WSS0386
Error creating javax.xml.soap.SOAPElement for Timestamp.

Error adding child SOAPElements to the Timestamp element.

Solution:

Refer your SAAJ API Documentation.

----WSS0387
Username is not set.

Solution:

Check that a Username has been passed through the configuration file or through
the callback handler.

----WSS0388
Error creating javax.xml.soap.SOAPElement for UsernameToken.

Error adding child SOAPElements to the UsernameToken element.

Solution:

Refer your SAAJ API Documentation.

----WSS0389
Base64 nonce encoding type has not been specified.

Solution:

Check that the nonce encoding type used to create UsernameToken is Base64.

----WSS0390
UTF-8 Charset is unsupported for byte-encoding (a string).

Solution:

Refer your J2SE Documentation.

----WSS0391
Invalid Localname and NamespaceURI of the SOAPElement used for creating the token.

Solution:

Check that the Localname and NamespaceURI of the SOAPElement used to create
X509SecurityToken are valid (as per specification).

----WSS0393
The expiration time in Timestamp cannot be before current UTC time.

Solution:

Check system time and ensure it is correct.

----WSS0394
Error parsing date.

Solution:

Check date format is in UTC. Check it is yyyy-MM-dd'T'HH:mm:ss'Z' or yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'.

----WSS0500
Classname not a recognized class name for a MessageFilter.

Solution:

Check that the class implements MessageFilter.

----WSS0502
Element encountered does not match element expected.

Solution:

Check that the XML file follows schema for defining configuration.

----WSS0503
Element encountered does not match valid element expected.

Solution:

Check that the XML file follows schema for defining configuration.

----WSS0508
Default settings can not be specified after custom settings are specified.

Solution:

Check that no sender operations or receiver requirements are specified in a configuration.
file. Check that no sender or receiver settings are programmatically added.

----WSS0509
Custom settings can not be specified after default settings are specified.

Solution:

Check that no default settings are programmatically added.

----WSS0511
Non-permissible boolean value string - valid strings are true and false.

Solution:

Check that the boolean value strings are either true or false.

----WSS0512
Non-permissible attribute on a Security Configuration element.

Solution:

Check that the configuration file is consistent with the security configuration schema.

----WSS0513
Non-permissible element on xwss:SecurityConfiguration.

Solution:

Check that the configuration file is consistent with the security configuration schema.

----WSS0514
Non-permissible child element in a Security Configuration element.

Solution:

Check that the configuration file is consistent with the security configuration schema.

----WSS0515
Impermissible value for key reference string.

Solution:

Check that the configuration file is consistent with the security configuration schema.

----WSS0516
Non-permissible duplicate element on a Security Configuration Element.

Solution:

Check that the configuration file is consistent with the security configuration schema.

----WSS0517
Non-permissible duplicate element on a Security Configuration Element.

Solution:

Check that the configuration file is consistent with the security configuration schema.

----WSS0519
Non-permissible/missing attribute value.

Solution:

Check that the configuration file is consistent with the security configuration schema.

----WSS0520
xwss:SymmetricKey is not permitted along with xwss:X509Token.

Solution:

Check that the configuration file is consistent with the security configuration schema.

----WSS0600
A Key can not be located in SecurityEnvironment for the Token Reference.

Solution:

Check that the certificate referred to is valid and present in the Keystores.

----WSS0601
A Key can not be located in SecurityEnvironment for the KeyValue.

Solution:

Check that the certificate referred to is valid and present in the Keystores.

----WSS0602
A Key can not be located in SecurityEnvironment for the X509Data.

Solution:

Check that the certificate referred to is valid and present in the Keystores.

----WSS0603
XPathAPI TransformerException in finding element with matching wsu:Id/Id/SAMLAssertionID.

Solution:

Refer your XPathAPI documentation.

----WSS0606
Input Node Set to STR Transform is empty.

Solution:

Check that the Referenced Node (to be STR transformed) in ds:SignedInfo is valid.

----WSS0608
The Reference Mechanism in the SecurityTokenReference is not supported.

Solution:

Check that the Reference Mechanism is either Direct/KeyIdentifier/X509IssuerSerial.

----WSS0609
The referenced security token is neither an XML token nor a raw
binary token.

Solution:

Check the referenced security token.

----WSS0650
Username/Password data file not found.

Solution:

Check that the system property com.sun.xml.wss.usersFile is set.

----WSS0654
Error creating javax.xml.soap.Name for wsu:Id.

Solution:

Try the following:

  • Refer your SAAJ API Documentation.
  • Check that the Class object corresponds to the header block identified by the SOAPElement.

----WSS0656
The Keystore URL is not specified/invalid in server.xml.

A Keystore file does not exist in $user.home.

Solution:

Check that the keystoreFile attribute is specified on SSL Coyote HTTP/1.1 Connector element
in server.xml and is valid. Check that a keystore file exists in $user.home.

----WSS0700
An instance of SecurityEnvironment is not set on SecurableSoapMessage.

Solution:

Check that setSecurityEnvironment() is called on the SecurableSoapMessage. Check that SetSecurityEnvironmentFilter is applied
on SecurableSoapMessage.

----WSS0701
No X509v3 Certificate can be located for the alias in Keystore.

Cause:

If no alias has been specified for signing, no default certificate is available.

Solution:

Check that a default certificate is available and/or a valid alias is used.

----WSS0702
The X509v3 Certificate for the given alias does not contain a subject key
identifier.

Solution:

Check that a valid X509v3 certificate is present in Keystores.

----WSS0704
Agreement name: SESSION-KEY-VALUE, has not been set on the SecurityEnvironment instance.

Solution:

Check that the agreement name SESSION-KEY-VALUE is set on SecurityEnvironment using setAgreementProperty().

----WSS0750
Error creating javax.xml.soap.SOAPElement.

Solution:

Refer your SAAJ API Documentation.

----WSS0751
The localname of the SOAPElement passed is not Reference.

The namespace URI of the SOAPElement passed does not conform to WSS Spec.

Solution:

Check that a SOAPElement conformant to spec. is passed.

----WSS0752
The localname of the SOAPElement passed is not Embedded.

The namespace URI of the SOAPElement passed does not conform to WSS Spec.

Solution:

Check that a SOAPElement conformant to spec. is passed.

----WSS0753
An embedded token in wsse:Embedded element is missing.

Solution:

Check that the token element is conformant to the WSS specification.

----WSS0754
Token on EmbeddedReference has already been set.

Cause:

A SOAPElement representation of EmbeddedReference containing the Token is used to create
the EmbeddedReference instance.

----WSS0756
Error creating SOAPElement for wsse:KeyIdentifier.

Solution:

Check your SAAJ API Documentation.

----WSS0757
Error adding KeyIdentifier value to wsse:KeyIdentifer.

Solution:

Check your SAAJ API Documentation.

----WSS0758
Error creating javax.xml.soap.Name.

Solution:

Refer your SAAJ API Documentation.

----WSS0759
An X509IssuerSerial instance can not be created.

Solution:

Check that the SOAPElement passed to the constructor is conformant to spec. (and
has X509IssuerSerial child elements).

----WSS0800
ds:KeyInfo in the message is not a valid one.

Solution:

Check if the ds:KeyInfo in the message is valid.

Contents Previous